Yesterday, security researchers discovered that a Chinese-made baby monitor sold on Amazon is riddled with vulnerabilities, confirming a mother’s suspicion that her device had been hacked to spy on her infant. This is just another example, of the millions of vulnerable IoT devices across the globe, which are waiting to be compromised by malicious actors.
Sean Newman, Director at Corero Network Security:
“After lessons learnt from the Mirai IoT DDoS botnet, over 20 months ago, you might have thought that more IoT device manufacturers would have started to make improvements to the security of their devices by now. However, the latest reports of cloud connected, video enabled, baby monitors being compromised, shows that this just isn’t the case. Like the devices exploited by that original Mirai botnet, these IoT devices are being exposed due to weak security, with the same fixed default administrator username-password pair applied to every model shipped from the factory. Not only does that leave these devices easily exploitable for various nefarious purposes, including DDoS attacks, as with Mirai, this case also brings with it serious privacy concerns for the users of these devices.”